async def add(uname: str, password: str, mail: str, reg_ip: str = '', uid: int = None, priv: int = builtin.DEFAULT_PRIV, **kwargs): # Add a user. validator.check_uname(uname) # TODO: Filter name by keywords validator.check_password(password) validator.check_mail(mail) uname_lower = uname.strip().lower() mail_lower = mail.strip().lower() if not uid: uid = await system.inc_user_counter() for user in builtin.USERS: if user['_id'] == uid or user['uname_lower'] == uname_lower or user[ 'mail_lower'] == mail_lower: raise error.UserAlreadyExistError(uname) salt = pwhash.gen_salt() coll = db.Collection('user') try: return (await coll.insert_one({ '_id': uid, 'uname': uname, 'uname_lower': uname_lower, 'mail': mail, 'mail_lower': mail_lower, 'salt': salt, 'hash': pwhash.hash_password(password, salt), 'reg_at': datetime.datetime.utcnow(), 'reg_ip': reg_ip, 'priv': priv, 'login_at': datetime.datetime.utcnow(), 'login_ip': reg_ip, 'gravatar': mail, **kwargs })).inserted_id except errors.DuplicateKeyError: raise error.UserAlreadyExistError(uid, uname, mail) from None
async def post(self, *, mail: str): validator.check_mail(mail) if await user.get_by_mail(mail): raise error.UserAlreadyExistError(mail) rid, _ = await token.add(token.TYPE_REGISTRATION, options.options.registration_token_expire_seconds, mail=mail) await self.send_mail(mail, 'Sign Up', 'user_register_mail.html', url=self.reverse_url('user_register_with_code', code=rid)) self.render('user_register_mail_sent.html')
async def get(self, *, code: str): tdoc = await token.get(code, token.TYPE_CHANGEMAIL) if not tdoc or tdoc['uid'] != self.user['_id']: raise error.InvalidTokenError(token.TYPE_CHANGEMAIL, code) mail_holder_udoc = await user.get_by_mail(tdoc['mail']) if mail_holder_udoc: raise error.UserAlreadyExistError(tdoc['mail']) # TODO: Ensure mail is unique await user.set_mail(self.user['_id'], tdoc['mail']) await token.delete(code, token.TYPE_CHANGEMAIL) self.json_or_redirect(self.reverse_url('home_security'))
async def post(self, *, code: str, uname: str, password: str, verify_password: str): validator.check_uname(uname) doc = await token.get(code, token.TYPE_REGISTRATION) if not doc: raise error.InvalidTokenError(token.TYPE_REGISTRATION, code) if re.fullmatch(r'^team\d+$', uname) or await user.get_by_uname(uname): raise error.UserAlreadyExistError(uname) if password != verify_password: raise error.VerifyPasswordError() uid = await user.add(uname, password, doc['mail'], self.remote_ip) await domain.set_user_role(builtin.DOMAIN_ID_SYSTEM, uid, builtin.ROLE_DEFAULT) await token.delete(code, token.TYPE_REGISTRATION) await self.update_session(new_saved=False, uid=uid) self.json_or_redirect(self.reverse_url('domain_main'))
async def post_change_mail(self, *, current_password: str, mail: str): validator.check_mail(mail) udoc, mail_holder_udoc = await asyncio.gather( user.check_password_by_uid(self.user['_id'], current_password), user.get_by_mail(mail)) # TODO: raise other errors. if not udoc: raise error.CurrentPasswordError(self.user['uname']) if mail_holder_udoc: raise error.UserAlreadyExistError(mail) rid, _ = await token.add( token.TYPE_CHANGEMAIL, options.options.changemail_token_expire_seconds, uid=udoc['_id'], mail=mail) await self.send_mail(mail, 'Change Email', 'user_changemail_mail.html', url=self.reverse_url('user_changemail_with_code', code=rid), uname=udoc['uname']) self.render('user_changemail_mail_sent.html')